DJIGZO for Android can be used with your existing Android mail application to send and receive S/MIME signed and encrypted email.
- S/MIME 3.1 (X.509, RFC 3280), email encryption and digital signing
- Can be used with the Android Gmail application
- Compatible with existing S/MIME clients (like Outlook, Thunderbird etc.)
- Message and attachments are encrypted
- HTML email support
- Certificates are automatically extracted
- CRLs supported (LDAP and HTTP)
- Certificate trust lists (CTLs) for black/white listing certificates
- LDAP servers can be searched for certificates
- Can generate self-signed certificates for a 'private-PKI'
- DJIGZO for Android does not provide functionality to retrieve email. An existing Android mail application, for example Gmail, K9 or the default Android email client, should be used to retrieve the encrypted attached smime.p7m message.
- Clear signed digitally signed message can only be verified by opening the message as an .eml file from the sdcard. The complete message is required for validation. Existing mail clients however do not provide access to the complete message.
- The GET_ACCOUNTS permission is required to get the default sender address
- The READ_CONTACTS permission is required to lookup the recipients for the compose page
Some user complain that the app requires the "read call logs" permission. The app does not read the call logs nor does it need access to the call logs. It needs access to the contact list for recipient lookup on the compose screen. The app is built for older Android releases. In older releases of Android there was no "call log" permission (this "permission" was implicitly included with the contact list permission). The call log permission was later added to Android as an explicit permission. To provide backward compatibility, Android implicitly adds the call log permission if the app is built for older Android releases. There is not much we can do about this if we want to support older devices. For more info see http://goo.gl/LLlGFk
- Quick start guide http://www.djigzo.com/documents/djigzo-android-quick-start-guide.pdf
- Reference guide http://www.djigzo.com/documents/djigzo-android-reference-guide.pdf
For more information see http://www.djigzo.com/android.html
For support contact us at [email protected]
DJIGZO, based in Amsterdam, the Netherlands, provides products for the protection of email. DJIGZO Email Encryption Gateway is an open source centrally managed email server that encrypts and decrypts email at the gateway level.
Installation packages are available for Ubuntu, Debian, Red Hat and CentOS. A Virtual Appliance for VMware and Hyper-V is available. An add-on for BlackBerry is available.
Feedback on some reviews:
DJIGZO is fully functional and has been tested on the Galaxy tab despite Mr Croucher negative and false claims. The reason he could not import the keys was that he didn't understand the difference between private keys and certificates and kept on trying to import a .pfx file with the certificate import wizard (which is only for importing certificates, not keys).
Paula reported that she couldn't find any certificates. DJIGZO cannot "automagically" find all externally used certificates. There are three ways to get certificates for recipients: extracted from digitally signed email, manual import or, a certificate can be downloaded from an LDAP server. If a company uses their own LDAP server, add the LDAP server to the list.
About the integration of DJIGZO and email clients. DJIGZO registers itself as an application to handle S/MIME attachments (smime.p7m). If a mail application can download the smime.p7m attachment, it can be decrypted by DJIGZO. Most Android email clients cannot be extended by external apps. Improved integration between existing email clients and DJIGZO can only be done if the email client supports plugins.
The previous security fix (see below) did not work on some devices (some devices did not allow writing to /dev/urandom). This will now be handled gracefully.
Important Security Fix:
The default secure random generator provided by Android contains a bug which makes the generated random numbers not random enough. A fix has been added to fix this problem. For more information see: http://android-developers.blogspot.nl/2013/08/some-securerandom-thoughts.html